NetworkingNetwork+

Virtualization and SDN for CompTIA Network+ N10-009

Virtualization and Software-Defined Networking (SDN) are explicitly tested on CompTIA Network+ N10-009 as modern infrastructure concepts. You must understand hypervisors, virtual machines, virtual switches, VLANs in virtual environments, and the SDN architecture with its control plane, data plane, and management plane. These concepts are increasingly foundational as modern networks blend physical and virtual components.

9 min

3 sections · 7 exam key points

2 practice questions

Virtualization Fundamentals

Virtualization creates software-based (virtual) versions of physical resources. A hypervisor is the software layer that enables multiple virtual machines (VMs) to run on a single physical host by abstracting hardware resources. Type 1 hypervisors (bare-metal) run directly on hardware: VMware ESXi, Microsoft Hyper-V, Citrix Hypervisor, KVM. More efficient and used in enterprise data centers. Type 2 hypervisors (hosted) run on top of a host OS: VMware Workstation, VirtualBox, Parallels. Used for testing and development.

Virtual machines are software emulations of complete computers. Each VM has its own virtual CPU, RAM, storage, and network interface (vNIC). VMs share the physical hardware of the host. Snapshots capture the state of a VM at a point in time, enabling rollback. Templates allow rapid deployment of pre-configured VMs.

Containers (Docker) provide lightweight isolation at the OS level — they share the host OS kernel but isolate applications. Containers are faster to start and use fewer resources than VMs but provide less isolation. Kubernetes orchestrates containers at scale.

Virtual Networking Components

Virtual switches (vSwitches) connect VMs to each other and to the physical network. VMware vSwitch, Hyper-V Virtual Switch, and Open vSwitch are examples. A vSwitch operates like a physical switch — it builds a MAC table and forwards frames between VMs and to the physical uplinks.

Virtual NICs (vNICs) are software network adapters assigned to VMs. Each VM can have multiple vNICs connected to different virtual networks. Network bridging connects a vNIC to the physical LAN; NAT mode places VMs behind the hypervisor's NAT; host-only mode creates a network between VMs and the host only.

VXLAN (Virtual Extensible LAN) is an overlay network protocol that encapsulates Layer 2 Ethernet frames in UDP packets, allowing VLANs to extend across Layer 3 boundaries. VXLAN is critical in cloud and multi-site data center environments. It uses 24-bit VNI (VXLAN Network Identifier) supporting over 16 million virtual networks — far more than 802.1Q VLANs' 4,094 limit.

Software-Defined Networking (SDN)

SDN separates the network control plane from the data plane. In traditional networking, each device has its own control plane (routing/switching intelligence) and data plane (packet forwarding). SDN centralizes the control plane in a software controller that programs the forwarding behavior of all network devices, which become simple forwarding engines.

SDN planes: Data plane (forwarding plane) — forwards packets based on rules pushed by the controller. Control plane — the SDN controller that makes routing/forwarding decisions for the entire network. Management plane — the interface for network administrators to configure and monitor the controller and network. The southbound interface (APIs like OpenFlow) connects the controller to network devices; the northbound interface connects the controller to applications.

NFV (Network Functions Virtualization) virtualizes network appliances that traditionally run on dedicated hardware — firewalls, load balancers, routers, and WAN optimizers become software functions running on commodity servers. NFV combined with SDN creates highly flexible, software-driven networks.

Hypervisor Types

Type	Runs On	Examples	Use Case
Type 1 (bare-metal)	Directly on hardware	ESXi, Hyper-V, KVM	Enterprise data centers
Type 2 (hosted)	On top of OS	VMware Workstation, VirtualBox	Development, testing, labs

Key exam facts — Network+

Type 1 hypervisor = bare-metal (runs on hardware directly); Type 2 = hosted (runs on OS)
vSwitch connects VMs to each other and to physical network uplinks
VXLAN extends VLANs across Layer 3 using UDP encapsulation — 16M+ virtual networks
SDN separates control plane (centralized controller) from data plane (forwarding devices)
NFV virtualizes network appliances (firewalls, routers, LBs) on commodity hardware
SDN northbound API: controller to applications; southbound API: controller to devices
Containers share the host OS kernel; VMs have their own OS — VMs offer stronger isolation

Common exam traps

Type 1 and Type 2 hypervisors perform equally

Type 1 hypervisors are more efficient and performant because they run directly on hardware without OS overhead — Type 2 has additional latency from the host OS layer

SDN eliminates the need for network devices

SDN centralizes control but still requires physical or virtual forwarding devices — it changes how devices are managed, not whether they exist

VLANs and VXLAN are the same

VLANs (802.1Q) use 12-bit tags supporting 4,094 networks and operate only within Layer 2 domains. VXLAN uses 24-bit identifiers (16M+ networks) and tunnels Layer 2 over Layer 3 UDP — it scales far beyond VLANs

Practice questions — Virtualization and SDN

These questions are representative of what you will see on Network+ exams. The correct answer and explanation are shown immediately below each question.

Q1.A network administrator needs to run multiple isolated server environments on a single physical host without installing an OS first. Which component is required?

A.Type 2 hypervisor

B.Type 1 hypervisor

C.Container runtime

D.Virtual switch

Explanation: A Type 1 (bare-metal) hypervisor runs directly on the physical hardware without a host OS, making it the correct choice. VMware ESXi and Microsoft Hyper-V are examples. Type 2 hypervisors require a host OS first. Container runtime requires an existing OS. A virtual switch is a component within a virtualized environment, not the foundational layer.

Q2.Which SDN plane is responsible for making routing and forwarding decisions for the entire network from a centralized location?

A.Data plane

B.Control plane

C.Management plane

D.Forwarding plane

Explanation: The control plane in SDN is centralized in the SDN controller and is responsible for making all routing and forwarding policy decisions. The data plane (forwarding plane) on individual devices implements those decisions by forwarding packets. The management plane provides the administrator interface to configure and monitor the controller.

Frequently asked questions — Virtualization and SDN

What is the difference between VMs and containers?

Virtual machines include a full guest OS — they are isolated at the hardware level and can run different operating systems. Containers share the host OS kernel and isolate only the application environment — they are faster to start, use less memory, and are more portable, but offer less security isolation. VMs are appropriate when strong isolation or different OSes are needed; containers suit microservices and cloud-native applications.

What is VXLAN and why is it important?

VXLAN (Virtual Extensible LAN) is an overlay protocol that encapsulates Ethernet frames inside UDP packets, enabling Layer 2 networks to span Layer 3 boundaries. This is critical for cloud computing and data centers where VMs may migrate between physical servers on different subnets. VXLAN supports 16+ million virtual networks vs 802.1Q VLAN's 4,094 limit.

Practice this topic

Network+practice questions

Test yourself on Virtualization and SDN

JT Exams routes you to questions in your exact weak areas — automatically, after every session.

Free practice test Start 7-Day Free Trial

No credit card · Cancel anytime